Cyber Security Engineer (Cloud)
Malvern/Remote
6 months
Role Purpose
The role exists to
- Design, develop & apply configuration of security tools/functions to reduce and mitigate vulnerabilities for cloud services & infrastructure
- Review and investigate security events to identify root cause and required response
- Reverse engineer & analyse attacks to understand their tools, methods and root causes
- Apply data analytics to inform and enrich understanding of any of the above
Key Accountabilities
- To design and implement security systems and resilient architectures.
- Analyse Security Systems and Architectures and provide support and engineering expertise to harden and remediate issues.
- Research Attack Techniques and Malware engineering to inform decision making for defence and resilience against attacks.
- Pro-active assessment of tools, software and vulnerabilities relevant to our customers and organisation to highlight cyber threat exposure.
- Design, implement, configure, and provide advice on secure cloud environments.
Key Capabilities
- Understand cyber security, its significance, concepts, threats, vulnerabilities and assurance.
- Understand Cyber Frameworks, Standards and best practices (e.g. ISO27001, NIST, MITRE ATT&CK and LM Cyber Killchain) and how to apply them.
- Good understanding of Cloud Network infrastructure and technology, internet protocols, quality of service and security tools.
- Good awareness of digital technology trends and a desire to stay up to date with the latest threats and solutions.
- Good understanding of operating systems architectures, mechanisms, security features and exploits.
- Understand antivirus software, firewall maintenance and breach detection.
- Able to analyse & reverse engineer malware and obfuscation to understand the attack techniques employed
- Able to do defensive programming to achieve malware resistance
- Able to employ code analysis, formal methods and industry good practices to code development
- Understand Secure DevOps principles, tools, approaches, complexity and software engineering.
- Understand approaches to cyber incident response, management, escalation, investigation & 3rd party involvement.
- Knowledge of Security Testing techniques and tactics
- Able to collaborate and work as part of a team
- Able to organise own work schedule, prioritise & work on own initiative unsupervised
- Able to engage and communicate effectively with stakeholders including customers
Experience & Qualifications
Essential
- Applying critical thinking to analyse and solve problems as they arise
- Developing secure solutions that mitigate malware and virus threats
- Developing secure solutions in (AWS or Azure) cloud environment
- Minimum of 3 years of experience in cyber security technical role within cloud environments.
- UK Security clearance or willingness to obtain one.
Desirable
- Cyber security certification e.g. CISSP, GSEC, CISM or degree level education.
- Cloud platform qualifications (AWS or Azure).
- Experience using cyber security frameworks in defence, national security or critical infrastructure sectors.
